Feeds

My lost Cobol years: Integrating legacy management

When does management itself become the problem?

  • alert
  • submit to reddit

Protecting users from Firesheep and other Sidejacking attacks with SSL

Workshop Nearly a quarter of a century ago, I went for a job interview with ICL. “What do you think of COBOL?” they asked. “It’s a dinosaur, won’t last, should be put out of its misery,” I remember saying.

The two grey suits looked at each other and turned back to me. “We’re a COBOL shop,” said one, before the interview very swiftly came to an end.

In hindsight, the strange thing is not the fact that I didn’t get an offer of employment; rather, that COBOL skills are still in demand today. Had I not fluffed the interview I could have taken the job in the knowledge I had (at least) 23 years of forward security, which feels somewhat incongruous in this supposedly fast-changing world of IT.

Technology professionals have seen many things come over the past few decades, but few of them go – while the more proprietary systems have tended to vanish, many companies retain applications written in C, Java and indeed, COBOL and FORTRAN to name a few supposedly old-school languages. But what does this mean when it comes to managing the old alongside the new?

Older systems never die, they tend to be subsumed into the IT environment. Reasons are legion: one IT manager at a finance organisation told me how the idea of decommissioning a system was an anathema, simply because it was too complicated to work out if it was no longer needed.

There’s an ‘if it ain’t broke, don’t fix it’ attitude that pervades many companies, while for others, the costs of taking a system out of service would exceed the benefits of doing so. Systems are often as valuable as the data they store, and it can make more sense to build a new front end onto an existing database running on an AS400 (say), than replacing it wholesale with a new hardware acquisition and migrating data, tools and working practices built around the application.

It may hurt to say so, but it appears that some such platforms have yet to be bested. When suggested a couple of years ago on The Register, that mainframes might be obsolete for certain workloads such as data warehousing, readers quite rightly responded in no uncertain terms.

The mainframe platform remains one of the most resilient and secure available, and also offers one of the most attractive cost-per-CPU-hour propositions if it is fully laden. Whether or not virtualisation security is an oxymoron, few can deny that both virtualisation and security were in active use on the mainframe long before the wave of x86 virtualisation activity we are seeing today.

The downside of multiple generations of systems is that each tends to come with its own set of management tools and practices. Research we have carried out recently (soon to be published) suggests the phenomenon of fragmented management – that is, if each system requires separate management capabilities, the resulting overheads in terms of staffing outweigh the in-principle benefits of having such management tools in place in the first place.

In other words, the use of tools to support and automate IT management activity is not, by itself, a guarantee of efficiency. Sooner or later, it becomes appropriate to look at the ‘manager of managers’ precept – a single console which can be used to co-ordinate activity across multiple systems – but we know how hard it can be to get funding for such capabilities.

What we don’t absolutely know is where the threshold lies, beyond which management itself becomes the problem rather than the solution. Equally however, it will be difficult for IT to move towards the nirvana of true service delivery management without using appropriate tools that do play well together, For so-called ‘legacy’ systems and software, what is the tipping point where the management pain exceeds the gain of keeping things going, and just how do things unfold – or indeed unravel from this point?

If you have any light you could shed on these issues, we’re all ears. ®

Website security in corporate America

More from The Register

next story
Phones 4u slips into administration after EE cuts ties with Brit mobe retailer
More than 5,500 jobs could be axed if rescue mission fails
Israeli spies rebel over mass-snooping on innocent Palestinians
'Disciplinary treatment will be sharp and clear' vow spy-chiefs
Apple CEO Tim Cook: TV is TERRIBLE and stuck in the 1970s
The iKing thinks telly is far too fiddly and ugly – basically, iTunes
Huawei ditches new Windows Phone mobe plans, blames poor sales
Giganto mobe firm slams door shut on Microsoft. OH DEAR
Phones 4u website DIES as wounded mobe retailer struggles to stay above water
Founder blames 'ruthless network partners' for implosion
Found inside ISIS terror chap's laptop: CELINE DION tunes
REPORT: Stash of terrorist material found in Syria Dell box
Show us your Five-Eyes SECRETS says Privacy International
Refusal to disclose GCHQ canteen menus and prices triggers Euro Human Rights Court action
prev story

Whitepapers

Providing a secure and efficient Helpdesk
A single remote control platform for user support is be key to providing an efficient helpdesk. Retain full control over the way in which screen and keystroke data is transmitted.
Saudi Petroleum chooses Tegile storage solution
A storage solution that addresses company growth and performance for business-critical applications of caseware archive and search along with other key operational systems.
Security and trust: The backbone of doing business over the internet
Explores the current state of website security and the contributions Symantec is making to help organizations protect critical data and build trust with customers.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.